<?php
  //test query http://localhost/findme/getImage.php?id=4&userLogin=SergioEstevao&userTid=7277038;
  
  include_once('session.php');  
  include_once('db.php');
  
  if ( !IsSessionValid()){
		echo "-1";		
		exit;
	}
    
  if ( $_SERVER['REQUEST_METHOD'] === 'POST' )
  {
    // Read the input from stdin     
    print_r("[".file_get_contents("php://input")."]");
    $id = $_POST['id'];    
  }
  else
  {
    $id = $_GET['id'];    
  }
  if ($id) {    			     
    $conn = &ADONewConnection($dbType);
    $conn->PConnect($dbServer, $dbUser, $dbPassword, $dbName);
    //$conn->debug = true;
    
    // [TODO:]check if this image should be visible to this user
    
    // execute query  
    $query = "select filename, data, size, type from image where id_image = $id";
    $rs = $conn->Execute($query);
    foreach ($rs as $row) 
    {
      $name = $row[0];
      $size = $row[2];
      $data = $row[1];
      $type = $row[3];             
      header("Content-length: $size");
      header("Content-type: $type");
      header("Content-Disposition: attachment; filename=$name");
		  echo $data;		  	
    }    
    $conn->close();			     
	}
?>
